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DETAILED ACTION 



1. 



Claims 1-12 are pending. 



2. 



Claims 1-3 have been previously allowed. Claims 4-12 are rejected. 



Examiner's Comment 



3. A search of the prior art conducted on 4/1/06 - 4/2/06 has uncovered prior art which is 
believed to read upon Applicant's claims. An examination made however, reveals that the newly 
uncovered art does not read upon the previously allowed claims 1-3. For this reason, claims 1-3 
remain allowable. 



4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 



Claim Rejections - 35 USC § 102 



5. Claims 4-11, 12 are rejected under 35 U.S.C. 102(b) as being anticipated by US patent, 
5935210, Stark. 
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In reference to claim 4: 

Stark (Column 5, lines 60 - Column 6, lines 23) & (Column 3, lines 27-44) discloses a method 
for a directory service that contains a proxy entry corresponding to an external protected resource 
to provide authentication and authorization functions to a software application, the method 
comprising the steps of: 

(A) when the software application needs to access the external protected resource, 

performing the steps of: 

(Al) the software application maintaining a resource map to identify a proxy entry that 

corresponds to the external protected resource, where the software application is the 

module the user uses to interface his or her queries to the resource map. 

(A2) the software application requesting from the directory service access to the proxy 

entry that corresponds to the external protected resource, where the software application 

accesses external resources through proxy entries (URLs or icons) 

(A3) if the directory service grants access to the proxy entry that corresponds to the 

external protected resource, the application accesses the external protected resource, 

where if the user selects the resource to access, the resource is accessed. 

In reference to claim 5: 

Stark (Figure 8) & (Column 9, lines 4-13, 33-57) & (Column 8, lines 47-57) discloses the 
method of claim 4 further comprising the steps of: 
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(A4) if the directory service denies access to the proxy entry that corresponds to the external 
protected resource, the application does not access the protected resource, where the application 
module does not access the selected resource if it has been marked as inaccessible. 

In reference to claim 6: 

Stark (Column 5, lines 60 - Column 6, lines 23) & (Column 3, lines 27-44) discloses a method 
for a directory service to provide authentication and authorization functions to a software 
application, the method comprising the steps of: 

(A) determining which of a plurality of resources require protection, where the resources 
which require protection are designated as inaccessible. 

(B) creating a proxy entry in the directory service for each protected resource, where the 
proxy entry is the URL 

(C) the software application generating a logical mapping that correlates each protected 
resource to its corresponding proxy entry, where the software application is the software 
module the user uses to access the resources through the resource map. 

(D) when the software application needs to access a selected protected resource, 
performing the steps of: 

(Dl) using the logical mapping to identify a proxy entry that corresponds to the selected 
protected resource, where the logical mapping is the resource map. 
(D2) the software application requesting from the directory service access to the 
identified proxy entry, where once the user selects a resource through the resource map, 
the resource is accessed. 
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(D3) if the directory service grants access to the identified proxy entry, the application 
accesses the selected protected resource. 

In reference to claim 7: 

Stark (Figure 8) & (Column 9, lines 4-13, 33-57) & (Column 8, lines 47-57) discloses the 
method of claim 6 further comprising the step of: 

(D4) if the directory service denies access to the proxy entry that corresponds to the selected 
protected resource, the application does not access the selected protected resource, where the 
application module does not access the selected resource if it has been marked as inaccessible. 

In reference to claim 8: 

Stark (Column 5, lines 60 - Column 6, lines 23) & (Column 3, lines 27-44) discloses a program 
product comprising: 

(A) a software application that maintains a logical mapping that correlates a plurality of 
protected resources that are not stored or contained within the directory with 
corresponding proxy entries in a directory service that is managed by a directory service 
server, the application determining whether the application is authorized to access a 
selected protected resource by invoking authentication and authorization functions in the 
directory service server to determines whether the proxy entry corresponding to the 
selected resource may be accessed, and if so, the application accesses the selected 
protected resource, where the software application maintains a resource map, where the 
plurality of protected resources, are the resources of the resource map of Stark, and where 
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if a user chooses to access one of the resources through the map, the resource is thereby 
accessed. 

(B) computer-readable signal bearing media bearing the software application. Stark 
(Column 10, lines 13-42) 

In reference to claim 9: 

Stark (Column 10, lines 13-42) discloses the program product of claim 8 wherein the signal 
bearing media comprises recordable media. 

In reference to claim 10: 

Stark (Column 10, lines 13-42) discloses the program product of claim 8 wherein the signal 
bearing media comprises transmission media. 

In reference to claim 12: 

Stark (Figure 8) & (Column 9, lines 4-13, 33-57) & (Column 8, lines 47-57) discloses the 
program product of claim 8 wherein the application does not access the selected protected 
resource if the proxy entry corresponding to the selected resource cannot be accessed, where the 
application module does not access the selected resource if it has been marked as inaccessible. 



Claim Rejections - 35 USC§103 
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6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 



(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 



7. Claim 1 1 is rejected under 35 U.S.C. 103(a) as being unpatentable over Stark. 
In reference to claim 1 1 : 

The program product of claim 8 wherein the directory service server is a Lightweight Directory 
Access Protocol (LDAP), and wherein the directory is an LDAP directory. 

The Examiner takes official notice that LDAP was well known to those of ordinary skill in the 
art at the time of invention. Examples of the disclosure include the wikipedia, and the previously 
cited art in the prosecution of the application: "Understanding LDAP" 

Lightweight Directory Access Protocol 

From Wikipedia, the free encyclopedia 

(Redirected from LDAP ) 

Jum p to: navigation, search 



Internet protocol suite 



Layer 



Protocols 



DNS , TLS/SSL TFTP , FTP , HTTP , 



Application 



IMAP, IRC, NNTP , POP3 , SIP , SMTP . 



SNMP, SSH, TELNET , BitTorrent 



RIP, rloqin , ENRP , ... 



Transport 



tcp imp nr.np sdtp ii rudp 
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Network 



IP ( IPv4 , IPv6 ), ICMP , IGMP , ARP , 



RARP , ... 



Link 



Ethernet , Wi-Fi , Token ring , PPP , 
SLIP , FDDI , ATM , Frame Relay , 



SMDS , ... 



In computer networking , the Lightweight Directory Access Protocol, or LDAP, is a 
networking protocol for querying and modifying directory services running over TCP/IP . 
An LDAP directory usually follows the X.500 model: It is a tree of entries, each of which 
consists of a set of named attributes with values. While some services use a more 
complicated "forest" model, the vast majority use a simple starting point for their 
database organization. 

An LDAP directory often reflects various political, geographic, and/or organizational 
boundaries, depending on the model chosen. LDAP deployments today tend to use 
Domain Name System (DNS) names for structuring the most simple levels of the 
hierarchy. Further into the directory might appear entries representing people, 
organizational units, printers, documents, groups of people or anything else which 
represents a given tree entry, or multiple entries. 
Its current version is LDAPv3, as defined in RFC 3377. 



As LDAP has gained momentum, vendors have provided it as an access protocol to 
other services. The implementation then recasts the data to mimic the LDAP/X.500 
model, but how closely this model is followed varies. For example, there is software to 
access SQL databases through LDAP, even though LDAP does not readily lend itself to 
this. X.500 servers may support LDAP as well. 

Similarly, data which were previously held in other types of data stores are sometimes 
moved to LDAP directories. For example, Unix user and group information can be 



Other data models 
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stored in LDAP and accessed via PAM and NSS modules. LDAP is often used by other 
services for authentication. 

It would have been obvious to one of ordinary skill in the art at the time of invention to have the 
directory service server to have separate utility an LDAP server to allow the users of stark to 
access the resources through an additional LDAP interface. 



Conclusion 

8. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy 
as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of the final action and the advisory action is not mailed under after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension pursuant to 37 CFR 
1.136(A) will be calculated from the mailing date of the advisory action. In no event, however, 
will the statutory period for reply expire later than SIX MONTHS from the mailing date of this 
final action. 
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9. Any inquiry concerning this communication from the examiner should be directed to 
Thomas M Ho whose telephone number is (571)272-3835. The examiner can normally be 
reached on M-F from 9:30 AM - 6:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Gregory A. Morse can be reached on (571)272-3838. 

The Examiner may also be reached through email through Thomas.Ho6@uspto.gov 

Any inquiry of a general nature or relating to the status of this application or proceeding should 

be directed to the receptionist whose telephone number is (571)272-2100. 

General Information/Receptionist Telephone: 571-272-2100 Fax: 571-273-8300 
Customer Service Representative Telephone: 571-272-2100 fax: 571-273-8300 



TMH 

April 2 nd , 2006 



